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TITLE: A method of using cryptography with biometric verification on 

security authentication 
Background of the invention 

The cryptography techniques exist today including a plurality of 
5 encryption/decryption algorithms, cryptanalysis, authentication, digital 
signature, crypt key management and so on. Its intended purpose is to provide 
a solution of securely information transmission, exchange and storage. 
Additionally, based on the foregoing, it would be desirable to achieve the 
security and privacy of confidential information when it is transmitted or 
1 0 interacted. The method of using the lengthy private key reveals the following 
two problems. 

(1) It is difficult to remember and store securely. 

(2) It is easy to be broke and attacked by hackers. 



1 5 Generally, there are three basic types of crypt keys. 

(1) The private (or secret) key is a symmetric technique, which uses the same 
key for encryption and decryption. However, use of the same key during 
the encryption and decryption processes make the cipher easy to break and 
cannot ensure the security of transmission. The private key mechanism is 

20 preferably generated using a symmetric algorithm such as DES (Data 
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Encryption Standard) and IDEA (International Data Encryption 
Algorithm). 

(2) The public key is an asymmetric encryption technique, which uses two 
different keys of a pair for encryption and decryption. Therefore, using two 

5 asymmetric keys for encrypting and decrypting information makes the 
cipher more difficult to break. The public key mechanism is known as the 
RSA (Revest, Shamir and Adleman). 

(3) Combing private and public key is a combination of keys that the public 
key is used for encryption with the random number combination and then 

10 the private key is used for the encryption/decryption processes with key 
transportation. The public/private key system, which is practical, can 
provide the security of information. 



As seen in Fig.l, generally using cryptography to transmit the confidential 
15 information, the sender operates an encryption function (EK) to convert the 
plain text (M) to cipher text (C). After the cipher text is then transmitted, the 
recipient performs the reverse process by using a decryption key to recover the 
plain text, referred to herein as the original text, from the received cipher text. 
Therefore, the cryptographic transformation is performed by the private key 
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mechanism and public key mechanism for protecting the security information 
and preventing the unauthorized user to alter the data. 

Summary of the invention 

5 The present invention provides a method of using cryptography with 
biometric verification on security authentication. It is therefore an object of the 
present invention to perform security authentication by utilizing live biometric 
feature, which is non-transferable and unique among all humans, and 
operating the asymmetric key of cryptography technique for collation. It is a 

1 0 further object of the present invention to perform cryptography technology for 
ensuring secure transmission of data and preventing the multiple keys lengthy, 
inconvenient and hard to be remembered. Therefore, the method is capable of 
providing cryptography technology in conjunction with the biometric 
authorization to prevent that people don't like to carry private keys and using a 

1 5 single key only to perform authentication will reveal privacy. Also, the present 
invention can be utilized in the application of security techniques for the 
transmission of data such as the personal authentication for business 
transactions, economic activities and so on. 

20 Brief description of the drawings 
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Fig. 1 is a flow chart to illustrate the transmission process via cryptography. 
Fig. 2 is a flow chart to perform how to use cryptography with biometric 
verification on security authentication. 

Fig. 3 is a flow chart to illustrate the process of biometric verification. 

5 

Detailed description of the preferred embodiment 

Illustration of the following serial numbers: 
1 . Using the DES algorithm to generate a crypt key Kl 
1 0 2. The user's biometric characteristics 

3. KDC 

4. The crypt key Kl and biometric features of the user are decrypted by using 
the private key of KDC. 

5. Verification 

1 5 6. The KDC rejects to release the user's private key K2 using RSA. 

7. The KDC allows releasing K2 by using RSA. 

8. The user's host 

9. K2 is decoded by using Kl . 

10. Biometric feature template input 
20 11. Biometric feature extraction 
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12. Collation 

This invention represents a method of using cryptography with biometric 
verification on security authentication. The method is used to security 
5 authentication by utilizing live biometric feature, which is non-transferable 
and unique among all humans, and operating the asymmetric key of 
cryptography technique for collation. The method provides cryptography 
technology in conjunction with the biometric authorization to ensure the 
encrypted data will not be broke or accessed by unauthorized persons when 

10 the information is transmitted from KDC. Furthermore, the object of the 
present invention is to store the user's PIN and biometric features on KDC and 
the user's PIN can be retrieved from KDC by performing the biometric 
verification. The mechanism can provide a high level assurance of secure 
transmission and prevent to carry multiple keys. All these elements will be 

15 described in more details below that the secret key is preferably generated 
using DES and the private key is preferably generated using RS A. 

Referring now to Fig. 2, an illustrative embodiment of this invention is shown. 
The user connects to the host and a crypt key of the user Kl is generated by 
20 using the DES algorithm/. The present invention also provides the biometric 
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authorization apparatus, which comprises an input device and a biometric 
sensor device for capturing both of personal information (PIN) and live 
physical immutable identification credentials of a user2. The encryption 
process is performed by using a public key EK of KDC and then the 
5 encrypted data which comprises the crypt key Kl, biometric features and 
personal information of the user is to be transmitted to KDC5 via Internet. 
After receiving the encrypted data from the user's terminal, KDC can decrypt 
the encrypted data using its private key DK and proceed with the verification 
process. The verification process5 is performed by collating digitized BIR and 

10 activated biometric features^. Also, comparing the original stored numbers on 
the host with the decrypted key Kl performs the verification. If the 
verification is not approved, KDC rejects to release the user's private key K2 
using the RSA6. On the contrary, if the verification is successful, KDC allows 
releasing K2 by using RSA7 and then encodes K2 using Kl to transmit to the 

1 5 user's hosttf. After receiving the encrypted K2, the user can decode K2 using 
KIP. Therefore, the method can overcome the need to carry, store, or 
remember private keys for encryption/decryption because the user's private 
keys can be retrieved from KDC by performing verification. The method also 
can prevent that using a single key only to perform authorization will reveal 
20 the privacy. This invention can be utilized in the application of the personal 
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identification for providing business transactions and economic activities with 
high security standard over the Net. 

The storage device of the user's host (terminal) can be a bank card, a credit 
5 card, a storage valued card, a magnetic strip card, an IC card, a smart card, an 
optical card, CD, DVD, a 2D bar code card, portable magnetic storage device, 
portable electronic memory device and portable mobile storage device. The 
user's private key K2 can be stored in a computer chip (for example, RAM, 
FLASH, EPROM, EEPROM) of the user's host. Therefore, the processor can 
10 perform the BIR process and encryption/decryption processes of the user's 
keys, which relates to calculation, collation and verification as a secured 
mechanism in the host. The method can ensure the user's private key K2 will 
not be broke or accessed by unauthorized persons when the information is 
transmitted from KDC. 

15 

As seen in Fig. 3, collating the activated biometric features, which are input by 
the biometric sensor, and the enrollment biometric features template, which is 
extracted by algorithm from the biometric characteristics database, performs 
the biometric verification. 

20 
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According to the standard of International Biometric Industry Association, the 
non-transferable unique biometric characteristics include fingerprint, 
voiceprint, face, iris, retina, palm print, palm shape, signature and other 
individual biometric characteristics. The Biometric Identification Record 
5 comprises raw data, processed data, signed data, encrypted data and feature 
points, which are extracted by algorithm. 

In conclusion, the present invention has the following advantages: 

1. This invention can overcome the problem, which the use of cryptographic 
10 keys for encryption/decryption, cannot perform authentication with high 

security. 

2. The method can prevent that utilizing biometric features only to perform 
authentication will reveal privacy. 

3. The present invention can provide high security of personal information. 
15 4. Each person has his own unique feature among all humans; therefore, the 

user can do business transactions and economic activities with high security 
standards. 

5. Utilizing the cryptography technology in conjunction with biometric 
authorization prevents that biometric features or confidential information will 
20 be forged or stole by third parties. 
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6. The method can overcome the need of carry, store, or remember private 
keys for encryption/decryption. 

7. The invention can be utilized in the application of personal identification. 

8. The present invention can be utilized in the application of business and 
5 industry. 



